Scribd Logo
Upload

Welcome to Scribd!

  • Product Support Notice: Avaya Proprietary - Use Pursuant To The Terms of Your Signed Agreement or Company Policy

    Uploaded by

    keidy lugo
    15 views3 pages

    Original Title

    PSN005608u

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    15 views3 pages

    Product Support Notice: Avaya Proprietary - Use Pursuant To The Terms of Your Signed Agreement or Company Policy

    Uploaded by

    keidy lugo

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 3

    Product Support Notice © 2021 Avaya Inc. All Rights Reserved.

    PSN # PSN005608u Avaya Proprietary – Use pursuant to the terms of your signed agreement or company policy.
    Original publication date: 27-April-2020, This is issue: 06 published date: Severity/risk level High Urgency Immediately
    18-October-2021.
    Name of problem
    1100 and 1200 Series Phone Transition to SHA-2 Compliant Firmware Signing Certificate

    Products affected
    1200 Series Phone,1100 Series Phone, CS1000 (UNIStim and SIP) on Aura.
    Note, that 11XX SIP5.x firmware requires Avaya Aura 8.1.3.2 or later release.
    This does NOT include phones connecting to AS 5300. AS 5300 will support SIP 5.x firmware at a later date. AS 5300 SIP
    phones should NOT be upgraded to SIP 5.x until instructed to by AS 5300.

    Problem description

    The current firmware signatures on 1100 & 1200 series phones need to be upgraded to SHA-2 to ensure customers have
    the latest security when performing firmware upgrades.

    The resolution outlines the firmware required for customers to upgrade to the SHA-2 firmware signing certificate.

    *Please note: phones will still function normally without any further upgrades. The path outlined below is to ensure that
    1100/1200 series phones has the latest signing certificate for firmware upgrades.

    Resolution

    Follow the procedure outlined below to complete the transition to the SHA-2 signing certificate for firmware upgrades.

    For UNIStim users

    Important Note: If your device is on UNIStim v5.5 SP8 or older please start with step 1, otherwise skip to step 2

    Step 1: Install intermediate UNIStim patch to enable transition to SHA-2. This step applies only to phones on
    versions UNIStim v5.5 SP8 or older. Link to download page here:
    https://support.avaya.com/downloads/download-details.action?contentId=1399820216907&productId=P0599

    Step 2: Install UNIStim v5.5 SP11. Link to download page: https://support.avaya.com/downloads/download-


    details.action?contentId=C2021122115831270_4&productId=P0599

    For SIP users (For 1200 Series, applies to only 1220 and 1230 models)

    Important Note: If your device is on SIP v4.4 SP11 or older please start with step 1, otherwise skip to step 2

    Step 1: Install intermediate SIP patch to enable transition to SHA-2. This applies only to phones on versions
    SIP v4.4 SP11 or older. Link to download page here: https://support.avaya.com/downloads/download-
    details.action?contentId=1399820408041&productId=P0599
    Step 2: Install SIP v5.x. Please note SIP 5.1 is in controlled introduction. Please reach out to Avaya support
    to determine eligibility for the new firmware.

    Following the release of UNIStim v5.5 SP11 and SIP v5.x, all future firmware will be signed with a SHA-2
    certificate only.

    Once the firmware above is installed, you will not be able to downgrade to an earlier firmware version which
    only supports the SHA-1 signing certificate.

    It was stated previously that it will not be possible to upgrade from UNIStim v5.5 SP8 or SIP v4.4 SP11 or older after October
    1st, 2021 as the extended SHA-1 certificate in the intermediate patch will expire for firmware upgrades.

    However, Avaya has decided to extend the certificate expiry to April 1, 2022 in the intermediate patch to provide more time to
    customers to transition that are on UNIStim v5.5 SP8 or SIP v4.4 SP11 or older.

    Workaround or alternative remediation

    Remarks
    n/a
    FAQ
    Why do I need to upgrade all these phones to UNIStim v5.5 SP11 or SIP v5.x?

    Upgrading from UNIStim v5.5 SP8 or SIP v4.4 SP11 or older will not be possible after April 1, 2022 when the new SHA-1
    certificate will expire.

    You do not need to upgrade if you don’t require firmware enhancements (however it is recommended to ensure the latest
    security). The phone will still function normally on previous firmware versions.

    Can I transition from any version earlier than UNIStim v5.5 SP8 or SIP v4.4 SP11?

    Yes. If your device falls in the following versions:

    • On UNIStim v5.5 SP8 or older


    • On SIP v4.4 SP11 or older

    You will need to install an intermediate patch as outlined in the resolution section, before installing the SHA-2 build (UNIStim
    v5.5 SP11 or SIP v5.x). Otherwise you can directly install the SHA-2 build provided in Step 2.

    What are the symptoms of the firmware upgrade failing?

    You will see failed message in phone screen when you try to make upgrade/downgrade if you are using any
    versions earlier than UNIStim v5.5 SP8 or SIP v4.4 SP11.

    What is the recovery process?

    You can use Boot C mode for upgrade/downgrade if you are using versions earlier than UNIStim v5.5 SP8 or SIP v4.4
    SP11.

    Patch Notes
    The information in this section concerns the patch, if any, recommended in the Resolution above.
    Backup before applying the patch
    Download

    Patch install instructions Service-


    interrupting?
    Yes
    Verification

    Failure
    n/a
    Patch uninstall instructions
    n/a

    Security Notes
    The information in this section concerns the security risk, if any, represented by the topic of this PSN.
    Security risks
    n/a
    Avaya Security Vulnerability Classification
    Not Susceptible
    Mitigation
    n/a

    If you require further information or assistance please contact your Authorized Service Provider, or visit
    support.avaya.com. There you can access more product information, chat with an Agent, or open an online
    Service Request. Support is provided per your warranty or service contract terms unless otherwise specified in the
    Avaya support Terms of Use.
    Disclaimer: ALL INFORMATION IS BELIEVED TO BE CORRECT AT THE TIME OF PUBLICATION AND IS PROVIDED “AS IS”.
    AVAYA INC., ON BEHALF OF ITSELF AND ITS SUBSIDIARIES AND AFFILIATES (HEREINAFTER COLLECTIVELY REFERRED TO
    AS “AVAYA”), DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF
    MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE AND FURTHERMORE, AVAYA MAKES NO
    REPRESENTATIONS OR WARRANTIES THAT THE STEPS RECOMMENDED WILL ELIMINATE SECURITY OR VIRUS THREATS
    TO CUSTOMERS’ SYSTEMS. IN NO EVENT SHALL AVAYA BE LIABLE FOR ANY DAMAGES WHATSOEVER ARISING OUT OF
    OR IN CONNECTION WITH THE INFORMATION OR RECOMMENDED ACTIONS PROVIDED HEREIN, INCLUDING DIRECT,
    INDIRECT, CONSEQUENTIAL DAMAGES, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF AVAYA HAS BEEN
    ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
    THE INFORMATION PROVIDED HERE DOES NOT AFFECT THE SUPPORT AGREEMENTS IN PLACE FOR AVAYA PRODUCTS.
    SUPPORT FOR AVAYA PRODUCTS CONTINUES TO BE EXECUTED AS PER EXISTING AGREEMENTS WITH AVAYA.
    All trademarks identified by ® or TM are registered trademarks or trademarks, respectively, of Avaya Inc.
    All other trademarks are the property of their respective owners.

    You might also like